package com.myshiro.hello;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.Subject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;


import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;

public class Quickstart {

    private static final transient Logger log = LoggerFactory.getLogger(Quickstart.class);


    public static void main(String[] args) {


//        SecurityManager securityManager = new BasicIniEnvironment("classpath:shiro.ini").getSecurityManager();

//        SecurityUtils.setSecurityManager(securityManager);

        Subject currentUser = SecurityUtils.getSubject();


        Session session = currentUser.getSession();
        session.setAttribute("aaa", "悟空");

        String value = (String) session.getAttribute("aaa");
        if (value.equals("悟空")) {
            log.info("悟空你好");
        }

        if (!currentUser.isAuthenticated()) {//! 认证通过
            UsernamePasswordToken token = new UsernamePasswordToken("xietao", "vespa");
            token.setRememberMe(true);//记住我
            try {
                currentUser.login(token);//登录
            } catch (UnknownAccountException uae) {
                log.info("账户不存在There is no user with username of " + token.getPrincipal());
            } catch (IncorrectCredentialsException ice) {
                log.info("密码错误Password for account " + token.getPrincipal() + " was incorrect!");
            } catch (LockedAccountException lae) {
                log.info("账户已经被锁定The account for username " + token.getPrincipal() + " is locked.  " +
                        "Please contact your administrator to unlock it.");
            }
            // ... catch more exceptions here (maybe custom ones specific to your application?
            catch (AuthenticationException ae) {
                //unexpected condition?  error?
            }
        }

        //say who they are:
        //print their identifying principal (in this case, a username):
        log.info("User [" + currentUser.getPrincipal() + "] 登录成功.");

        //test a role:
        if (currentUser.hasRole("caigou")) {
            log.info("有采购权限");
        } else {
            log.info("Hello,普通用户.");
        }

        //test a typed permission (not instance-level)
        if (currentUser.isPermitted("caigou:useradd")) {
            log.info("采购拥有user模块的操作权限.");
        } else {
            log.info("Sorry, 你没有user模块的操作权限.");
        }

        //a (very powerful) Instance Level permission:
        if (currentUser.isPermitted("winnebago:drive:eagle5")) {
            log.info("有超级权限");
        } else {
            log.info("对不起,你能没有指定的权限");
        }

        //all done - log out!
        currentUser.logout();

        System.exit(0);
    }
}